Phishing is not a favorite pastime, especially for IT professionals or organizations concerned about security.
What is "Phishing"? It's a method used by hackers to attempt to acquire sensitive information. That includes data such as usernames, passwords, and credit card details. It's often for malicious reasons, and is accomplished by pretending to be a trustworthy entity in an electronic communication.
You need to think like a hacker. There are many tools on the Internet that can assist. If you work at an organization concerned about security, employee awareness is the key.
So how do you achieve security awareness?
This is the biggest challenge for all organizations and individuals alike. Ongoing training will be the key to protecting you.
Below is a great video from SANS that you can share to help increase awareness:
How do you protect yourself against phishing?
- Be wary of emails asking for confidential information - especially information of a financial nature. Legitimate organisations will never request sensitive information via email.
- Don't get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
- Watch out for generic-looking requests for information. Fraudulent emails are often not personalized, while authentic emails from your bank often reference an account you have with them. Many phishing emails begin with "Dear Sir/Madam", and some come from a bank with which you don't even have an account.
- Never use links in an email to connect to a website unless you are absolutely sure they are authentic. Instead, open a new browser window and type the web address directly into the address bar. A phishing website will often look identical to the original, so check the address bar to confirm that you are on the genuine site.
- Make sure you maintain effective software to combat phishing.
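The warning signs in the list above can also be checked mechanically, for example in a mail filter or a training exercise. The sketch below is an added example, not part of the original post; the phrase patterns, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Phrase lists are assumptions drawn from the advice above; tune for real mail.
GENERIC_GREETING = re.compile(r"\bdear\s+sir\s*/\s*madam\b", re.I)
PRESSURE = re.compile(r"\b(?:account|services?)\b[^.]*\b(?:disabl|suspend|delay)\w*"
                      r"|\b(?:disabl|suspend|delay)\w*[^.]*\b(?:account|services?)\b", re.I)
SENSITIVE = re.compile(r"\b(?:username|password|credit card)\b", re.I)
LOOKS_LIKE_URL = re.compile(r"^(?:https?://)?[\w-]+(?:\.[\w-]+)+(?:/\S*)?$", re.I)

class LinkCollector(HTMLParser):  # gathers body text and (href, visible text) pairs
    def __init__(self):
        super().__init__()
        self.text, self.links, self._href, self._buf = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._buf = dict(attrs).get("href") or "", []
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._buf).strip()))
            self._href = None
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._buf.append(data)

def host(value):  # lower-cased hostname of a URL or bare domain, '' if unparseable
    try:
        return (urlsplit(value if "//" in value else "//" + value).hostname or "").lower()
    except ValueError:
        return ""

def review(html_body):
    """Return the warning signs found in an HTML email body."""
    parser = LinkCollector()
    parser.feed(html_body)
    text = " ".join("".join(parser.text).split())
    checks = [(GENERIC_GREETING, "generic greeting"), (PRESSURE, "pressure tactic"),
              (SENSITIVE, "asks for sensitive information")]
    findings = [label for pattern, label in checks if pattern.search(text)]
    for href, shown in parser.links:
        # A link whose visible text names one site but whose target is another
        if LOOKS_LIKE_URL.match(shown) and host(shown) != host(href):
            findings.append(f"link text {host(shown)} points to {host(href)}")
    return findings

# Constructed sample message (reserved example domains, not a real email).
SAMPLE = """<p>Dear Sir/Madam,</p>
<p>Your account will be disabled within 24 hours unless you confirm your password.</p>
<p><a href="http://examplebank.login.example.net/verify">www.examplebank.example</a></p>"""
```

Calling `review(SAMPLE)` returns one finding per warning sign. A clean result does not prove a message is authentic, so these heuristics complement the training described above rather than replace it.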
If you have any questions, please reach out.